Holistic RFID Hacking

Learn how to perform security assessments on RFID systems and how to exploit the discovered weaknesses. Attendees will explore in hands-on sessions the weaknesses of existing LF and HF RFID systems while learning to use RFID hardware tools for reading, copying and emulating RFID cards.

This two day course will teach you a holistic approach to break RFID systems by teaching you to spot the weakest point in the whole system. This includes reader hardware security and reverse-engineering of readers and undocumented air protocols. Attendees will receive a hardware kit for reading and emulating LF and HF RFID cards.

Instructors: Milosch Meriac
Dates: 6-7 July 2011
Availability: 15 Seats

Topics Covered

RFID Basics:
* The Physics of RFID (LF, HF, UHF) and it's limitations
* Commonly used RFID Protocols and their Weaknesses
* Choosing the right hardware tools for RFID security evaluations
* RFID HF/LF Antenna Design
* Sniffing RFID On Air Protocols
* RFID Tag Emulation

RFID Cryptography gone haywire:
* How good cryptography fails in actual implementations
* How bad cryptography can't be protected by lack of documentation
* Breaking MIFARE Classic

Finding the weakest point in RFID systems:
* Breaking HID Prox & HID iCLASS Standard Security
* RFID Reader Hardware Security
* Reverse Engineering RFID Readers and evaluating undocumented RFID systems

Class Requirements

* It is beneficial if students have a basic understanding of a typical Linux System command line

Hardware/software Requirements:

* Laptop running Microsoft Windows, Linux, or OS X with at least 1GB of RAM
* VMware Workstation 7.1.4 (or later) installed


Milosch has over 20 years experience in the information security business and hardware development and is CTO of Bitmanufaktur GmbH in Berlin.

His most recent work was breaking iCLASS Standard security see HID iCLASS™ security demystified and Heart of Darkness - exploring the uncharted backwaters of HID iCLASS™ security.

He is the Co-Founder of active and passive RFID open source projects like Sputnik/OpenBeacon, OpenPCD and OpenPICC and committed to RFID related security research. As a member of the Blinkenlights Stereoscope Core Team he designed the 2.4GHz OpenBeacon based Dimmmer/Ethernet Hardware that was used in the Toronto City Hall Installation. As one of the three maintainers of the former Xbox-Linux Project he helped breaking the Xbox security and ported the first Linux System to the Xbox.

His focus is on hardware development, embedded systems, RF designs, active and passive RFID hardware development, custom-tailoring of embedded Linux hardware platforms, real time systems, IT-security and reverse engineering.

To Register

To register for a training session, download and fill this file and mail it to registration.training2011 recon cx